
Difference between revisions of "Org.eclipse.higgins.icard"

(ICard Interface)
Line 5: Line 5:
 
All [[I-Card]]s must implement the ICard Interface:
 
All [[I-Card]]s must implement the ICard Interface:
  
  // Return the human friendly name of the card
+
  //Returns the type of this i-card (e.g. "uri", "cardspace", "idemix", "openid", etc.)
  String getDisplayName();
+
  String getType();
 +
 
   
 
   
 
  // A card identifier that is unique to the card issuer. Or at least that
 
  // A card identifier that is unique to the card issuer. Or at least that
Line 12: Line 13:
 
  // see no reason not to follow
 
  // see no reason not to follow
 
  // Return the identifier string   
 
  // Return the identifier string   
  String getCardId();
+
  String getId();
 
   
 
   
// Returns the human friendly name of the card issuer
 
String getIssuerName();
 
 
   
 
   
  // Returns the URI of the issuer
+
  // The unique identifier of the i-card in the i-card registry.
 +
// Because different i-card providers could contains i-cards with the same
 +
// ID, it could be difficult to retrieve the same i-card from the i-card
 +
// registry again using i-card ID.
 +
// The UUID must be unique over all i-card providers in the i-card registry
 +
// to allow retrieve the same i-card from the i-card registry multiple times.
 +
CUID getCUID();
 +
 +
 +
// The version of the card. Useful in subsequent import operations,
 +
// so that cards can be updated or overwritten.
 +
String getVersion();
 +
 +
 +
//the human friendly name of the card. The only thing that will be
 +
// possible to modify after the import.
 +
String getName();
 +
 +
 +
// Representation of a background image of the card.
 +
byte[] getImage();
 +
 +
 +
// The mime type of the background image (JPEG or GIF).
 +
String getImageType();
 +
 +
 +
// Name of the issuer of the card. Used to match the required issuer, if a relying party specifies an issuer in the policy.
 
  String getIssuer();
 
  String getIssuer();
 
   
 
   
// Returns a background image of the card
 
Image getCardImage();
 
 
   
 
   
  // Return the mime type of the background image (JPEG or GIF)
+
  // The human friendly name of the card issuer
  String getImageMimeType();
+
  String getIssuerName();
 +
 
   
 
   
 
  // Returns when the card was first issued, created, originated
 
  // Returns when the card was first issued, created, originated
 
  Date getTimeIssued();
 
  Date getTimeIssued();
 +
 
   
 
   
 
  // Returns (optionally) the time after which the card should
 
  // Returns (optionally) the time after which the card should
 
  // be considered expired, invalid. Otherwise returns null
 
  // be considered expired, invalid. Otherwise returns null
  Date getExpiredTime();
+
  Date getTimeExpires();
 +
 
   
 
   
 
  // If card handles only simple claim types then  
 
  // If card handles only simple claim types then  
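Review bot: the comment added above `CUID getCUID();` says "The UUID must be unique over all i-card providers" while the method and its return type are named CUID. Use one term in both places so that implementers do not assume a standard UUID is required. The same comment should also state how `getCUID()` relates to `getId()`, since both are now described as identifiers of the card.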
Line 43: Line 70:
 
  // the schema of c (retrieved by c.getSchema())  
 
  // the schema of c (retrieved by c.getSchema())  
 
  List getSupportedSimpleClaimTypes() throws ComplexSchemaException;
 
  List getSupportedSimpleClaimTypes() throws ComplexSchemaException;
 +
 +
 +
// List of all possible types of claims (as String) that are supported.
 +
public List getSupportedClaimTypesUris();
 +
 +
 +
// List of claims provided by this ICard.
 +
Iterator getClaims();
 +
 +
 +
// Retrieve the value of a simple claim type
 +
IClaim getClaim(String type);
 +
 +
 +
IClaim getClaimByShortName(String shortTypeName);
 +
 +
 +
// Provider of this card
 +
ICardProvider getProvider();
 +
 +
 +
//
 +
String getDescription();
 +
 +
 +
//
 +
void setName(String newName) throws CardException;
 +
 +
 +
//
 +
void setImage(byte[] newImage, String newImageType) throws CardException;
 +
 +
 +
//
 +
void setIssuerName(String name) throws CardException;
 +
 +
 +
//
 +
void setExpiredTime(Date date) throws CardException;
 +
 +
 +
// The list of token types could be issued using this card (this method was moved from ITokenCard)
 +
List getSupportedTokenTypes();
 +
 +
 +
// Indicates that this card has been issued by user (claim values can be editable)
 +
public boolean isSelfIssued();
 +
 +
 +
// Date when the card was last updated
 +
Date getTimeLastUpdated() throws CardException;
 +
 +
 +
=== We need to review the following methods of ICard interface (now are absent) ===
 +
 +
 +
// If card is of type (1) then return a [[Digital Identity]]
 +
// that satisfies the policy ''policy''
 +
// The ''credential'' parameter used to authenticate to the
 +
// Token Issuer--may be null if Token Issuer policy doesn't require it
 +
DigitalIdentity requestDigitalIdentity(Policy policy, DigitalIdentity credential);
 +
 
   
 
   
 
  // Returns a read-only Context containing one Digital Subject that can be queried for  
 
  // Returns a read-only Context containing one Digital Subject that can be queried for  
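Review bot: five of the methods added here (`getDescription`, `setName`, `setImage`, `setIssuerName`, `setExpiredTime`) carry an empty `//` comment and `getClaimByShortName` has none, so their contracts are undocumented; state at least what each setter may change and when it throws `CardException`. The comment on `IClaim getClaim(String type);` says it retrieves "the value" of a claim type although the method returns an `IClaim`, and `setExpiredTime` no longer matches the getter that this revision renames to `getTimeExpires`.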
Line 53: Line 142:
 
  IContext getDisplayContext() throws NoDisplayContextException;
 
  IContext getDisplayContext() throws NoDisplayContextException;
 
   
 
   
// Retrieve the value of a simple claim type
 
// Note 1: Implementations of this method will likely retrieve and cache all
 
// supported simple claim type values in a single operation
 
// Note 2: This is a convenience method that performs a getContext()
 
// to get the context, finds the singleton DS, and reads the claimType
 
// attribute specified
 
// Returns the value of the claim type ClaimType
 
String getClaimValue(String claimType) throws ComplexSchemaException;
 
 
   
 
   
 
  // Return whether the user wishes to be asked for explicit release of
 
  // Return whether the user wishes to be asked for explicit release of
Line 66: Line 147:
 
  // the first time it is requested (iii) never  
 
  // the first time it is requested (iii) never  
 
  ReleasePolicy getReleasePolicy();
 
  ReleasePolicy getReleasePolicy();
 +
 
   
 
   
 
  // Set the release policy of this card
 
  // Set the release policy of this card
 
  void setReleasePolicy(ReleasePolicy) throws CardNotOpenException;
 
  void setReleasePolicy(ReleasePolicy) throws CardNotOpenException;
 +
 
   
 
   
 
  // Return a list of the types of exported card data stream formats supported
 
  // Return a list of the types of exported card data stream formats supported
 
  // ?? presumably a CardFormat also mentions XML language and/or version number
 
  // ?? presumably a CardFormat also mentions XML language and/or version number
 
  List getSupportedExportFormats();
 
  List getSupportedExportFormats();
 +
 
   
 
   
 
  // Return a data stream containing a serialization of the card
 
  // Return a data stream containing a serialization of the card
Line 78: Line 162:
 
  // E.g. CardSpace I-Cards will export CardSpace format data
 
  // E.g. CardSpace I-Cards will export CardSpace format data
 
  String export(CardFormat format);
 
  String export(CardFormat format);
 +
 
   
 
   
 
  // UPDATE-RELATED METHODS
 
  // UPDATE-RELATED METHODS
 +
 
   
 
   
 
  // Open the card itself for update. These methods are
 
  // Open the card itself for update. These methods are
Line 89: Line 175:
 
  // value of getIssuerURI()
 
  // value of getIssuerURI()
 
  final void open(String editorID);
 
  final void open(String editorID);
 +
 
   
 
   
 
  // Return true if card is open for update
 
  // Return true if card is open for update
 
  boolean isOpen();
 
  boolean isOpen();
 +
 
   
 
   
 
  // Close a card for update.
 
  // Close a card for update.
 
  void close() throws CardNotOpenException;
 
  void close() throws CardNotOpenException;
 +
 
   
 
   
// Set the human friendly name of the card
 
// throws: CardUpdateException if card has not been opened
 
void setDisplayName(String name) throws CardNotOpenException;
 
 
// Sets the card's human friendly name of the card issuer
 
void setIssuerName(String name) throws CardNotOpenException;
 
 
 
// Sets the background image of the card
 
void setCardImage(Image image) throws CardNotOpenException;
 
 
// Set the expiration date and time
 
void setExpiredTime(Date date) throws CardNotOpenException;
 
 
 
===To Do===
 
===To Do===
  
Line 114: Line 190:
 
* Future: we may want to add methods (analogous to the ones mentioned above) to inform the user about the format of the underlying data (e.g. LDAP, RDF, RDBMS, email contacts, etc.)
 
* Future: we may want to add methods (analogous to the ones mentioned above) to inform the user about the format of the underlying data (e.g. LDAP, RDF, RDBMS, email contacts, etc.)
  
==ITokenCard Interface (extends ICard interface)==
 
  
All [[I-Card]]s must implement this interface.  
+
 
 +
 
 +
==IInformationCard Interface (extends ICard interface)==
 +
 
 +
All CardSpace-interoperable cards must implement this interface.  
 +
 
 +
// Random entropy used for computing the PPID claim value for the card
 +
byte[] getHashSalt();
 
   
 
   
// If card is of type (1) then return a [[Digital Identity]]
 
// that satisfies the policy ''policy''
 
// The ''credential'' parameter used to authenticate to the
 
// Token Issuer–-may be null if Token Issuer policy doesn’t require it
 
DigitalIdentity requestDigitalIdentity(Policy policy, DigitalIdentity credential);
 
 
   
 
   
  // Return the EPR of the card issuer
+
  // Used as the entropy to generate the token signing key
  // For CardSpace cards this is either the local STS endpoint (for
+
  byte[] getMasterKey();
// self-asserted cards) or a remote STS (for managed cards)
+
EndpointReference getCardIssuerEndpoint();
+
 
   
 
   
// Return a list of {endpoint references, credential hint, credential selector}
 
List getTokenServices()
 
 
   
 
   
  // Return a list of supported token types
+
  // XML representation of the card in RoamingInformationCard format. This Element should be created within the passed Document
  List getSupportedTokenTypes();  
+
Element toXML(Document doc) throws CardException;
 +
 
 +
 
 +
==IManagedInformationCard Interface (extends IInformationCard interface)==
 +
 
 +
All Managed CardSpace-interoperable cards must implement this interface.
 +
 
 +
// An ordered list of security token services
 +
  List getTokenServices();
 
   
 
   
// Is the RP identity required in the token request message?
 
boolean getRequireAppliesTo()
 
 
   
 
   
  // Returns the issuer that is referenced in the returned RSTR
+
  // Indicates that RST must include information identifying the relying
  // (or null if no issuer is listed)
+
Boolean getRequireAppliesTo();
  String getIssuedTokenIssuer();
+
 +
 +
  // PrivacyNotice XML element as it was imported from xml file
 +
Element getPrivacyNotice();
 +
 
 +
 
 +
==IPersonalInformationCard Interface (extends IInformationCard interface)==
 +
 
 +
All Personal CardSpace-interoperable cards must implement this interface.
 +
 
 +
// The base64 encoded bytes of the SHA1 hash of the pin code
 +
byte[] getPinDigest();
 +
 +
 +
// Used to edit claim values of the card
 +
void setClaimList(List claims) throws CardException;
 +
 +
 +
// Used to set/remove pin protection
 +
void setPinCode(String pinCode) throws CardException;
 +
 +
 +
// URI of the context where DigitalSubject with claim values of the card is stored
 +
URI getClaimListContextID();
 +
 +
 +
// ID of DigitalSubject which holds claim values of the card
 +
  String getClaimListSubjectID();
 +
 
 +
 
  
 
==IURICard Interface==
 
==IURICard Interface==
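Review bot: in the IPersonalInformationCard block the comment on `byte[] getPinDigest();` describes "base64 encoded bytes" while the return type is a raw byte array; say which of the two a caller receives. The comment on `Boolean getRequireAppliesTo();` breaks off at "identifying the relying", and the return type changes from `boolean` to `Boolean` without saying what a null result means.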

Revision as of 07:21, 21 June 2007

This page describes the two interfaces, ICard and ITokenCard, that all types of Higgins-compatible I-Cards must implement, as well as the optional IURICard interface.

ICard Interface

All I-Cards must implement the ICard Interface:

// Returns the type of this i-card (e.g. "uri", "cardspace", "idemix", "openid", etc.)
String getType();


// A card identifier that is unique to the card issuer. Or at least that
// is what we believe to be the semantics that Microsoft intended, and we currently
// see no reason not to follow them
// Return the identifier string
String getId();


// The unique identifier of the i-card in the i-card registry.
// Because different i-card providers could contain i-cards with the same
// ID, it could be difficult to retrieve the same i-card from the i-card
// registry again using the i-card ID.
// The UUID must be unique over all i-card providers in the i-card registry
// to allow retrieving the same i-card from the i-card registry multiple times.
CUID getCUID();


// The version of the card. Useful in subsequent import operations,
// so that cards can be updated or overwritten.
String getVersion();


// The human friendly name of the card. The only thing that will be
// possible to modify after the import.
String getName();


// Representation of a background image of the card.
byte[] getImage();


// The mime type of the background image (JPEG or GIF).
String getImageType();


// Name of the issuer of the card. Used to match the required issuer, if a relying party specifies an issuer in the policy.
String getIssuer();


// The human friendly name of the card issuer
String getIssuerName();


// Returns when the card was first issued, created, originated
Date getTimeIssued();


// Returns (optionally) the time after which the card should
// be considered expired, invalid. Otherwise returns null
Date getTimeExpires();


// If card handles only simple claim types then 
// return a list of all possible types of claims that are supported
// throw exception otherwise
// This is here for backward compatibility with CardSpace cards
//
// Note: this is a convenience method that does the equivalent of
// c = getContext(); and then (presuming c has a simple schema)
// creates a linear list of claim/attribute types from
// the schema of c (retrieved by c.getSchema()) 
List getSupportedSimpleClaimTypes() throws ComplexSchemaException;


// List of all possible types of claims (as String) that are supported.
public List getSupportedClaimTypesUris();


// List of claims provided by this ICard.
Iterator getClaims();


// Retrieve the value of a simple claim type 
IClaim getClaim(String type);


IClaim getClaimByShortName(String shortTypeName);


// Provider of this card
ICardProvider getProvider();


// 
String getDescription();


//
void setName(String newName) throws CardException;


// 
void setImage(byte[] newImage, String newImageType) throws CardException;


// 
void setIssuerName(String name) throws CardException;


// 
void setExpiredTime(Date date) throws CardException;


// The list of token types that could be issued using this card (this method was moved from ITokenCard)
List getSupportedTokenTypes();


// Indicates that this card has been issued by the user (claim values can be editable)
public boolean isSelfIssued();


// Date when the card was last updated
Date getTimeLastUpdated() throws CardException;


We need to review the following methods of the ICard interface (now absent)

// If card is of type (1) then return a Digital Identity 
// that satisfies the policy policy
// The credential parameter used to authenticate to the 
// Token Issuer--may be null if Token Issuer policy doesn't require it
DigitalIdentity requestDigitalIdentity(Policy policy, DigitalIdentity credential);


// Returns a read-only Context containing one Digital Subject that can be queried for 
// attribute values that are displayed in the card UI (e.g. the
// I-Card Selector Service or I-Card Manager.) 
// If a card does not support a display context it throws the 
// NoDisplayContextException. In this case the user cannot see
// the values of the supported claim types, only the claim types 
// themselves.
IContext getDisplayContext() throws NoDisplayContextException;


// Return whether the user wishes to be asked for explicit release of
// this card's information (i) every time it is requested (ii) only 
// the first time it is requested (iii) never 
ReleasePolicy getReleasePolicy();


// Set the release policy of this card
void setReleasePolicy(ReleasePolicy policy) throws CardNotOpenException;


// Return a list of the types of exported card data stream formats supported
// ?? presumably a CardFormat also mentions XML language and/or version number
List getSupportedExportFormats();


// Return a data stream containing a serialization of the card
// The format depends on the kind of card 
// E.g. CardSpace I-Cards will export CardSpace format data
String export(CardFormat format);


// UPDATE-RELATED METHODS


// Open the card itself for update. These methods are
// used during the creation of a new self-issued card.
// Pass the URI of the agent that intends to update the card. 
// If the editorID matches the issuerID of the card then 
// update operations are allowed
// Throws CardNotOpenException if 'editorID' does not match the 
// value of getIssuerURI()
final void open(String editorID);


// Return true if card is open for update
boolean isOpen();


// Close a card for update.
void close() throws CardNotOpenException;


To Do

  • Future: we may want to add methods that return a human friendly text name and an icon that inform the user about the kind of data access "protocol" used (if any) to retrieve the underlying data. Examples of strings might be "LDIF", "OpenID", "WS-Trust", etc.
  • Future: we may want to add methods (analogous to the ones mentioned above) to inform the user about the format of the underlying data (e.g. LDAP, RDF, RDBMS, email contacts, etc.)



IInformationCard Interface (extends ICard interface)

All CardSpace-interoperable cards must implement this interface.

// Random entropy used for computing the PPID claim value for the card
byte[] getHashSalt();


// Used as the entropy to generate the token signing key
byte[] getMasterKey();


// XML representation of the card in RoamingInformationCard format. This Element should be created within the passed Document
Element toXML(Document doc) throws CardException;


IManagedInformationCard Interface (extends IInformationCard interface)

All Managed CardSpace-interoperable cards must implement this interface.

// An ordered list of security token services
List getTokenServices();


// Indicates that RST must include information identifying the relying
Boolean getRequireAppliesTo();


// PrivacyNotice XML element as it was imported from xml file
Element getPrivacyNotice();


IPersonalInformationCard Interface (extends IInformationCard interface)

All Personal CardSpace-interoperable cards must implement this interface.

// The base64 encoded bytes of the SHA1 hash of the pin code
byte[] getPinDigest();


// Used to edit claim values of the card
void setClaimList(List claims) throws CardException;


// Used to set/remove pin protection
void setPinCode(String pinCode) throws CardException;


// URI of the context where DigitalSubject with claim values of the card is stored
URI getClaimListContextID();


// ID of DigitalSubject which holds claim values of the card
String getClaimListSubjectID();
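
As the getPinDigest() comment describes it, the stored value is a single SHA-1 pass over the PIN with no salt, so equal PINs yield equal digests. The following added example (not Higgins code) contrasts that with a salted PBKDF2 value for a store that is not bound by the CardSpace format; the class and method names, the UTF-8 encoding of the PIN and the iteration count are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class PinDigestDemo {

    // Digest as the getPinDigest() comment describes it: base64 of SHA-1(pin).
    // Assumption: the PIN is encoded as UTF-8 before hashing.
    static String sha1PinDigest(String pin) throws GeneralSecurityException {
        byte[] hash = MessageDigest.getInstance("SHA-1")
                .digest(pin.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(hash);
    }

    // Alternative for a local store: per-card random salt plus PBKDF2.
    static byte[] pbkdf2PinDigest(char[] pin, byte[] salt, int iterations)
            throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(pin, salt, iterations, 256);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // do not keep the PIN in the key spec
        }
    }

    // Recompute with the stored salt and compare in constant time.
    static boolean verify(char[] candidate, byte[] salt, int iterations, byte[] stored)
            throws GeneralSecurityException {
        return MessageDigest.isEqual(pbkdf2PinDigest(candidate, salt, iterations), stored);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String pin = "4821"; // constructed sample PIN
        // Unsalted: two cards protected by the same PIN store the same digest.
        System.out.println("SHA-1 digests equal:  "
                + sha1PinDigest(pin).equals(sha1PinDigest("4821")));

        SecureRandom rng = new SecureRandom();
        byte[] saltA = new byte[16], saltB = new byte[16];
        rng.nextBytes(saltA);
        rng.nextBytes(saltB);
        int iterations = 210_000; // assumed work factor, tune per deployment
        byte[] cardA = pbkdf2PinDigest(pin.toCharArray(), saltA, iterations);
        byte[] cardB = pbkdf2PinDigest(pin.toCharArray(), saltB, iterations);
        // Salted: the same PIN gives a different stored value per card.
        System.out.println("PBKDF2 values equal:  " + MessageDigest.isEqual(cardA, cardB));
        System.out.println("correct PIN verifies: "
                + verify(pin.toCharArray(), saltA, iterations, cardA));
        System.out.println("wrong PIN verifies:   "
                + verify("0000".toCharArray(), saltA, iterations, cardA));
    }
}
```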


IURICard Interface

Some types of I-Cards may implement this interface (extends ICard interface). The card object includes a ContextId URI (which may be an XRI) that refers to an identity attribute-providing service (usually a network endpoint). If the Context referenced by ContextId contains more than one Digital Subject then an IURICard must also return a non-null string from getSubjectId().

The I-Card Providers developed as part of the Higgins project use the Identity Attribute Service to connect to the remote (or local) Context data referenced by this ContextId.

// Returns the ContextId associated with this card
String getContextId();

// Returns the subject represented by this card.
// Returns the contextually unique id of a Digital Subject
String getSubjectId();

// Returns an IContext
// Consumers of this method may or may not be able to edit the contents of 
// the returned Context. 
IContext getContext();
